+ Reply to Thread
Results 1 to 9 of 9
  1. Senior Member
    Join Date
    Sep 2016
    Location
    UK
    Posts
    159

    Certifications
    CCENT, Network+, MCP, MCTS: Windows 7
    #1

    Default How to get into pen testing?

    Hello all,

    I currently work in IT support but my career goal is to get into IT security especially pen testing.

    What skills are required to become an ethnical hacker? What certification path should I take?

    Many thanks.
    Reply With Quote Quote  

  2. SS
  3. Senior Member
    Join Date
    May 2006
    Posts
    2,159

    Certifications
    CISSP, CCSP, CCNA Cyber Ops, eJPT, ITIL,PA ACE,Qualys Certified Specialist, A+
    #2
    Study, study, study everything and anything. One of the big certifications is the below. If you want to be a pen tester, you should look at the below site. Learn Kali and Linux.
    https://www.offensive-security.com/
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Apr 2013
    Posts
    2,067
    #3
    More specifically the OSCP on the link above. There are other certs, and other ways of doing it but that's a completely hands on cert that is respected by people who know what it is. What's your network knowledge look like? You do realize you might spend a LOT of time writing reports?
    Reply With Quote Quote  

  5. Member
    Join Date
    May 2013
    Location
    Singapore
    Posts
    58

    Certifications
    Network+, SSCP, CHFI, eJPT, GCIH
    #4
    Quote Originally Posted by Nisseki View Post
    Hello all,

    I currently work in IT support but my career goal is to get into IT security especially pen testing.

    What skills are required to become an ethnical hacker? What certification path should I take?

    Many thanks.
    Hi Nisseki,

    Look at your country's job portals and their requirements.

    For example, pen-testing in the UK might require that you obtain certifications from CREST.

    Work towards that, and learn as much as you can via other means.

    Whether it be studying certifications, setting up your own lab, obtaining approval from your management to perform pen-testing internally or boning up on different Red Team and Blue Team books.



    And most importantly, never lose sight of that goal.
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    1,005

    Certifications
    C****, C***, C**
    #5
    Agree with Nebula15, since you are in UK, you may want to look at CESG CHECK of which CREST is one of the approved certifications. They are bringing CREST certifications to Singapore and possibly making it a mandatory requirement for companies doing pen testing for banks. Which means you may get to enjoy a stint in sunny Singapore with your CREST certification.
    Reply With Quote Quote  

  7. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,591

    Certifications
    GPEN, GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #6
    As others have said, certifications and OSCP is king. Lab and learn constantly. Consider adding a web-based certs like eWAPT from eLearnsecurity to complement OSCP
    Goal: MBA, March 2020
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Sep 2016
    Location
    UK
    Posts
    159

    Certifications
    CCENT, Network+, MCP, MCTS: Windows 7
    #7
    Thanks for the advice.

    Now I know what certifications to go for. What skill set is required for a pen tester?

    I know strong networking knowledge is one of them. Any programming languages?

    Many thanks.
    Reply With Quote Quote  

  9. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #8
    I would think getting into Vulnerability Management would lead into Pentesting
    Reply With Quote Quote  

  10. Member
    Join Date
    Jan 2017
    Posts
    98
    #9
    I also have a strong networking background but I have been (programming wise) working with Python. Pretty strong in nmap usage which is also fun. Im also preparing for the OSCP.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks